On 23.12.2022 17:32, Ekaterina Esina wrote: > If uhdlc_priv_tsa != 1 then utdm is not initialized. > And if ret != NULL then goto undo_uhdlc_init, where utdm is dereferenced. > Same if dev == NULL. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Signed-off-by: Ekaterina Esina <ees...@astralinux.ru> > --- > drivers/net/wan/fsl_ucc_hdlc.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/drivers/net/wan/fsl_ucc_hdlc.c b/drivers/net/wan/fsl_ucc_hdlc.c > index 22edea6ca4b8..2ddb0f71e648 100644 > --- a/drivers/net/wan/fsl_ucc_hdlc.c > +++ b/drivers/net/wan/fsl_ucc_hdlc.c > @@ -1243,7 +1243,9 @@ static int ucc_hdlc_probe(struct platform_device *pdev) > free_dev: > free_netdev(dev); > undo_uhdlc_init: > - iounmap(utdm->siram); > + if (utdm != NULL) { > + iounmap(utdm->siram); > + } > unmap_si_regs: > iounmap(utdm->si_regs); > free_utdm:
But what is about iounmap(utdm->si_regs); that dereferences utdm a few lines below? -- Alexey